package cn.javasea.rbac.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 *@ClassName BaseExceptionHandler
 *@Description TODO
 *@Author longxiaonan@163.com
 *@Date 2021/7/6 0006 11:12
 */
@ControllerAdvice
public class BaseExceptionHandler {

    /**
     * 接口授权约束注解 @RequiresPermissions 如果匹配到是未授权，那么会抛出异常 AuthenticationException
     * 故在次做拦截。
     * @param request
     * @param response
     * @param ex
     * @return
     */
    @ExceptionHandler(value = AuthenticationException.class)
    @ResponseBody
    public String error(HttpServletRequest request, HttpServletResponse response, AuthenticationException ex){
        return "未授权";
    }

}
